[COSE] COSE authentication tag encoding
Brian Sipos <BSipos@rkf-eng.com> Tue, 09 April 2019 01:16 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/0af9UY9Qe-WBsblqhPNaEUHWY-k>
Hello,

I had been interested in using COSE a while back, before RFC 8152 was published, and am just getting back to looking into COSE as a standard container. One thing that I still find confusing is how the *-GCM encryption algorithms are supposed to represent the authentication tag result.

I see in [1] the statement that COSE does different than JOSE to "Combine the authentication tag for encryption algorithms with the ciphertext". Other than this one statement, I am struggling to see where the authentication tag gets encoded based on the actual requirements statements in the document.

Am I just missing something very fundamental, or is there an implicit behavior to append the authentication tag data to the ciphertext? It would be useful for someone like me, who has not followed JOSE/COSE too closely, to have this kind of detail indicated with an actual requirement statement within the algorithm description(s).

Thanks for any guidance,
Brian S.

[1]: https://tools.ietf.org/html/rfc8152#section-1.1
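The layout the question asks about, as an added example that is not part of the original message or of RFC 8152: it assumes the RFC 5116 AEAD convention (the GCM tag appended to the ciphertext) as the reading of the "combine" statement quoted above, and uses the Python `cryptography` package. The key, IV, plaintext and all function names are constructed for illustration.

```python
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

TAG_LEN = 16  # 128-bit GCM tag

# Constructed sample values (not from the page).
KEY = bytes(range(16))
IV = bytes(range(12))
PLAINTEXT = b"constructed sample plaintext"
PROTECTED = bytes.fromhex("a10101")  # CBOR map {1: 1}, i.e. alg = A128GCM


def bstr(b: bytes) -> bytes:
    """Minimal CBOR byte-string encoder (lengths below 256 only)."""
    n = len(b)
    return (bytes([0x40 | n]) if n < 24 else bytes([0x58, n])) + b


def enc_structure(protected: bytes, external_aad: bytes = b"") -> bytes:
    """CBOR array ["Encrypt0", protected, external_aad], fed to GCM as AAD."""
    return b"\x83" + b"\x68Encrypt0" + bstr(protected) + bstr(external_aad)


def seal() -> bytes:
    """AEAD-encrypt; the single output is ciphertext || tag (RFC 5116 style)."""
    return AESGCM(KEY).encrypt(IV, PLAINTEXT, enc_structure(PROTECTED))


def cose_encrypt0(combined: bytes) -> bytes:
    """COSE_Encrypt0 = [protected, {5: IV}, ciphertext]; no separate tag field."""
    unprotected = b"\xa1\x05" + bstr(IV)
    return b"\x83" + bstr(PROTECTED) + unprotected + bstr(combined)


def split_tag(combined: bytes):
    """Recover (ciphertext, tag) for APIs that take the tag separately."""
    if len(combined) < TAG_LEN:
        raise ValueError("ciphertext field shorter than the GCM tag")
    return combined[:-TAG_LEN], combined[-TAG_LEN:]


def decrypt_detached(ct: bytes, tag: bytes) -> bytes:
    """Decrypt with the low-level GCM API; raises InvalidTag on mismatch."""
    dec = Cipher(algorithms.AES(KEY), modes.GCM(IV, tag)).decryptor()
    dec.authenticate_additional_data(enc_structure(PROTECTED))
    return dec.update(ct) + dec.finalize()
```

A decoder written against a detached-tag API (JOSE style) has to perform the `split_tag` step itself, and should reject a ciphertext field shorter than the tag before attempting decryption.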